General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsLithos
(26,403 posts)Feel good medicine to officials who thought that the real issue to solve was convenience and to assuage the image voting and elections were in the Stone Age and needed to be made more efficient.
Security is a hard problem requiring monk like discipline. The average elections official is incompetent and unprepared to handle the details. . Automation without understanding security makes it even easier to hack.
There was an article which showed that security is so lax an 11 yr old could casually hack it.
mythology
(9,527 posts)But what they said at the very bottom was the 11 year old could use a known vulnerability in the website to display a different vote total on a website, but that it wouldn't change the actual vote count. Which is far less clickbaity, so Buzzfeed didn't use that as the headline.
lagomorph777
(30,613 posts)Lithos
(26,403 posts)As a company, if I want to handle credit cards, then I have to be PCI compliant.
As a company, if I want to work with Health Care data, then I have to be HIPAA compliant
As a company, if I want to work with Personnel records - then I have to be PII compliant
As a company, if I want to work with financial records, then I have to be SOX complaint
As a government (or vendor), I do not have to have any real compliance to be able to develop software, or design a system, or hold an election.
L-
Jim Lane
(11,175 posts)have known this for years and don't approve of electronic ballot counters either. All of this should be done by hand by certified vote counters that are re-certified every election.
(from an IT admin that knows a thing or two about viruses, hacking and network security).
TheFrenchRazor
(2,116 posts)lagomorph777
(30,613 posts)OnDoutside
(19,956 posts)a bigger question re the boxes....are there unique tamper tags going on them ? Here in Ireland, a friend of mine noticed that they were using cable ties, which could be replaced, so finally after threatening to go to court before the recent abortion referendum, on the day the ballot boxes had unique numbered cable ties.
Achilleaze
(15,543 posts)"We're concerned that you decent & honest American citizens are calling attention to our voting scams. Just wait till Pooty Poot hears about this. He might cut off the flow of our betrayal money to the NRA and then on to us. Whine." - KGOP republicans
Ezior
(505 posts)These machines are toxic e-waste.
There is no way to make them secure.
This is a print out of the software for the Apollo Guidance computer:
wikipedia
Engineers went over every line of it, knowing there were billions of dollars and the lives of our astronauts at stake, a project comprised 1400 person-years of effort, with a peak workforce of 350 people, yet there was still a bug in the system that generated terrifying unanticipated warnings during the Apollo 11 decent.
The hardware and software of a modern voting machine is billions of times more complex and there is no possible way to know what exploits might exist.
Paper ballots are a tried and true technology and ordinary people can understand the vulnerabilities of a paper ballot system and guard against them.
lagomorph777
(30,613 posts)It was stitched, one hair-thin wire at a time, into microscopic magnetic donuts.
Oh, and the "bug" that threatened Armstrong and Aldrin was really an overload; too much data was coming from the terrain-sensing radar because they were flying over an unexpected boulder field. The alarm in that case was valid; the "bug" was inadequate reconnaissance data used for flight preparation.
https://spectrum.ieee.org/tech-history/space-age/software-as-hardware-apollos-rope-memory
fescuerescue
(4,448 posts)It's an interesting conference, but generally everything is overstated and over-hyped and the media MASSIVELY distorts what goes on there.
I haven't evaluated the materials from this year conference yet, but if the media got it right this year, that would be a first.